1bb95349df7cafbecf97a1cbff91eadb11b76d1ae61211d90be5f4e614c4c20b

General

Target

mainUnblockers.md
Size

410KB
MD5

4946aa8ee49d9c05cddf691289aede84
SHA1

7242aad2a2d69b8c7f4ae1990003550579584063
SHA256

1bb95349df7cafbecf97a1cbff91eadb11b76d1ae61211d90be5f4e614c4c20b
SHA512

bed126ad117d75d187eca13d4f267c5e23099f630a1ea2324d11498cc578d2d47be3ea1bec376748007ede899111321b33b25763964c0af7b87d203ba858a1dc
SSDEEP

12288:3/opX3jkeOvHS1d1+CNs8wbiWQ19dvZJT3CqQrhryf65NRPaCieMjdvCJv1Vi0Z1:vo5g2i9

Score

1^/10

Malware Config

Signatures

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/mainUnblockers.md\""
1⤵
PID:476

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/mainUnblockers.md\""
1⤵
PID:476

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/mainUnblockers.md
1⤵
PID:476
- /bin/zsh
  /bin/zsh -c /Users/run/mainUnblockers.md
  2⤵
  PID:478
- /Users/run/mainUnblockers.md
  /Users/run/mainUnblockers.md
  2⤵
  PID:478
- /bin/sh
  sh /Users/run/mainUnblockers.md
  2⤵
  PID:478
- /bin/bash
  sh /Users/run/mainUnblockers.md
  2⤵
  PID:478

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.2028
1⤵
PID:517

/Applications/Safari.app/Contents/MacOS/Safari
/Applications/Safari.app/Contents/MacOS/Safari
1⤵
PID:517

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.History
1⤵
PID:518

/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
/System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
1⤵
PID:518

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.BB3706E4-F600-452D-AA88-60A7B24ECDC1 517
1⤵
PID:519

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:519

/usr/libexec/xpcproxy
xpcproxy com.apple.SafariLaunchAgent
1⤵
PID:524

/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
1⤵
PID:524

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.93F9ECBD-CDA2-4E1A-AF59-D5763C78559A 517
1⤵
PID:525

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:525

/usr/libexec/xpcproxy
xpcproxy com.apple.Safari.SafeBrowsing.Service
1⤵
PID:533

/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
1⤵
PID:533

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.0B73E8C5-D864-4B40-A4BD-F7A9713DB225 517
1⤵
PID:534

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:534

/usr/libexec/xpcproxy
xpcproxy com.apple.WebKit.WebContent.8924976C-A00C-40B7-A3FA-581217E1389F 517
1⤵
PID:536

/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1⤵
PID:536

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.AudioComponentRegistrar
1⤵
PID:538

/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
1⤵
PID:538

/usr/libexec/xpcproxy
xpcproxy com.apple.audio.SandboxHelper 534
1⤵
PID:539

/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper
1⤵
PID:539

/usr/libexec/xpcproxy
xpcproxy com.apple.ReportMemoryException
1⤵
PID:540

/usr/libexec/ReportMemoryException
/usr/libexec/ReportMemoryException
1⤵
PID:540

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/Users/run/Library/Safari/Favicon Cache/favicons/01CEB59CBE4DB6DC6A6C5253FF659D4F

Filesize
5KB

MD5
4f72663012543ad7cfa1dd5d78dc5af0

SHA1
069001eaaa436c30a43a0c6073c3d31ad4a7d21a

SHA256
133e23f3ccf9be03dbd128bb941c6042b66f3ea331650c79f992ea88ee1a7d77

SHA512
d112f52124d0a70a36c0f0fd30dcf0b2b597f079c07aa7d772025bf5e1286b35846fc9bcfe99ca07d62ceb342c9ce84651d17dc69c8871b297bfe140a791c0e6

Download Submit
/Users/run/Library/Safari/Favicon Cache/favicons/2529545429CE075A4E64DE7DAA3D4C27

Filesize
5KB

MD5
f3418a443e7d841097c714d69ec4bcb8

SHA1
49263695f6b0cdd72f45cf1b775e660fdc36c606

SHA256
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

SHA512
82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

Download Submit
/Users/run/Library/Safari/Favicon Cache/favicons/843FE16E5757FAA28BE63EA31191F3EF

Filesize
31KB

MD5
12ce3ae25e7d9c8f79686f4d7beb5e64

SHA1
83963532b5fcdf1c152bd85e29f7f38abe6d63bf

SHA256
9e84d0f4aeb91bda595238a825824cb672a1f78915788229f3d34fefa4f4d7f4

SHA512
b31465a626630ba32c8cd131148eebe6a9078d4814a9a265bf12746558509fdd2c7abfc58cb8233b87cb3ba236615b16cffb67a5ebe9885a7f42beea3d487999

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/malware,osx,url_expression

Filesize
252KB

MD5
c43e6cdc955c0061042a431f3aa61ce6

SHA1
8e4b5cc5320c2a7ae4eda048ae7f0db07d3832b9

SHA256
8134714270d60bf55906c0d30bf4d24625d8ec07ce0a10be2aecb60ce0b1c850

SHA512
f05aa0bfaa1cdb087de66f27bcedfa82c30154d5fe88561eb5edf814940bd41aff2ebe00f90d314f421bec34d6af60e52aa14919db633797a1c27666482c80b1

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/social_engineering,osx,url_expression

Filesize
16.8MB

MD5
6b1f17c7e0e726c93f6858d71415a3a9

SHA1
8c1270f3cc9f40147e6c03a61486f99251f1f233

SHA256
f43d364ee3a2a5460a0c518639f8656242cbbec6d4096ab8318edbbe4484db95

SHA512
e090e018ae31b6a4256669bccdc1e3bea68918fc84961122afc2208b2e2d7f89514e35251731c78d65121e5840672957bcc18a0e33a05aa8b23269e5a4b3a017

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari.SafeBrowsing/Google/unwanted_software,osx,url_expression

Filesize
123KB

MD5
e955b0a74437c2ee892d19f15ebf0a5d

SHA1
78590afab7dad8aa4687fdadba8abb953dbebb16

SHA256
359ddf5429a62a7576bfdc84cda4f3a8f864c509c156c0430187624769a82a63

SHA512
58f57731f56505fe578b4b2de04a7dd079160b05260341a36cb5aa7fc7a40f767be2a199c759116cdb31e924747d882af5efc8f6bf8da1ade436c1a33bb6d414

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsDirectory.db

Filesize
47KB

MD5
0e4a0d1ceb2af6f0f8d0167ce77be2d3

SHA1
414ba4c1dc5fc8bf53d550e296fd6f5ad669918c

SHA256
cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030

SHA512
1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Download Submit
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C/com.apple.Safari//mds/mdsObject.db

Filesize
4KB

MD5
d3a1859e6ec593505cc882e6def48fc8

SHA1
f8e6728e3e9de477a75706faa95cead9ce13cb32

SHA256
3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c

SHA512
ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads